System, method and program product for controlling access to computer system

ABSTRACT

The computer system initially operates in a fully operational mode in which an operating system in the computer system is operating and the computer system executes one or more user applications installed in the computer system. In response to a predefined time interval lapsing, the computer system automatically switches from the fully operational mode to a limited operational mode in which the one or more user applications are terminated, the operating system is shut down, and a BIOS within the computer system solicits entry of a password by a user. If the user fails to enter a valid password, operation of the operating system and execution of the one or more user applications are prevented. If a user attempts to activate the computer system for which the time interval has already lapsed, a BIOS within the computer system boots up, determines that the computer system is currently set for a limited operational mode, prevents boot up of an operating system of the computer system, and solicits a password from a user. If the user fails to enter a valid password, the BIOS continues to prevent boot up of the operating system. If the user enters a valid password, the operating system boots up and executes one or more user applications within the computer system.

BACKGROUND OF THE INVENTION

The present invention relates generally to computer systems, and moreparticularly to preventing access by an unauthorized person to acomputer, such as in the case of theft of the computer.

When many different people share a computer system, access to thecomputer system or to parts of the computer system has to be controlled.Access control is currently known so that only authorized users can makeuse of the computer system and its associated user application(s).Access control prevents usage of the computer system by non-authorizedpersons. In this way, access control protects a computer system or partsof a computer system from misuse.

The most common access control techniques are based on a password drivenaccess to the computer system. There exist different levels of passwordaccess or password protection of computer systems. Typically, a passwordaccess is either user related or device oriented. The user relatedaccess makes use of a user identifier (“userID”) that is unequivocallyassociated to each authorized user of the computer system. Before makinguse of the computer system, each user has to pass an authentication orlogin procedure thereby confirming his or her identity. Typically, theuser has to enter a valid combination of user identifier and password.Only when the user has successfully passed the login procedure, accessto the computer system is granted. Typically, such user relatedauthentication procedures are purely software implemented and arecommonly used by the most common multi-user operating systems such ase.g. UNIX™ (licensed by X/Open Company Limited), LINUX™ (of LinusTorvalds), or Windows™ (of Microsoft Corporation) operating system.

Device oriented authentication procedures protect hardware or hardwarecomponents of the computer system from unauthorized modification. Forexample, BIOS-password protection or hard disc drive (HDD) passwordprotection are common techniques to prevent unauthorized persons frommodifying the hardware configuration of a computer system.

Even though there are advanced encryption mechanisms for storing useridentifications and associated passwords on the computer system, amisuse by unauthorized users is still possible. Any unauthorized personthat takes possession of a valid combination of user identification andcorresponding password gets access to the computer system.

Access protection of mobile computer systems is important when thecomputer system is stolen. It is important to protect the data from thethief. Also, a stolen computer system becomes worthless to a thief, whenthe thief has no access to user identification and password or has nomeans to circumvent the inherent access controlling mechanism. Withinthe framework of personal computer systems, an unauthorized user can inprincipal seize control of the computer system, i.e. circumvent theprotection mechanism by simply installing another operating system ordifferent time interval setting program on a stolen computer system.

The above described access protection techniques as they are known fromthe prior art are not appropriate in an industrial environment wheremany users share one mobile computer system. For example, in the fieldof portable diagnosis computer systems for automotive engines and otherindustrial applications, password driven access to the diagnosis systemis inconvenient because the diagnosis system is shared by many differentusers. It would be burdensome for each user to have to authenticatehimself or herself multiple times each day.

Accordingly, an object of the present invention is to control access toa computer system to deter theft and other unauthorized use, withoutrequiring conventional password protection.

SUMMARY OF THE INVENTION

The present invention resides in a system, method and program productfor controlling access to a computer system. The computer systemoperates in a fully operational mode in which an operating system in thecomputer system is operating and the computer system executes one ormore user applications installed in the computer system. In response toa predefined time interval lapsing, the computer system automaticallyswitches from the fully operational mode to a limited operational modein which the one or more user applications are terminated, the operatingsystem is shut down, and a BIOS within the computer system solicitsentry of a password by a user. If the user fails to enter a validpassword, operation of the operating system and execution of the one ormore user applications are prevented.

The present invention also resides in a system, method and programproduct for controlling access to a computer system. A user attempts toactivate the computer system. In response, a BIOS within the computersystem boots up, determines that the computer system is currently setfor a limited operational mode, prevents boot up of an operating systemof the computer system, and solicits a password from a user. If the userfails to enter a valid password, the BIOS continues to prevent boot upof the operating system. If the user enters a valid password, theoperating system boots up and executes one or more user applicationswithin the computer system.

The following are features which can be included in the presentinvention:

The invention provides a method of access protection of a computersystem having a locked and an unlocked mode. Being in locked mode, thefunctionality of the computer system is limited to a password dialogueinterrupting a boot process of the computer system. An interrupted bootprocess of the computer system only proceeds in response of a userentering the correct password in the password dialogue. Entering of anincorrect password in the password dialogue for a predefined number oftimes deactivates the computer system. The computer system switches fromunlocked mode into the locked mode when a predefined time interval haselapsed. When the computer system is deactivated it becomes useless foran unauthorized person or a thief. When deactivated, a time delay isenforced after which the password dialogue of the locked mode appearsagain. Generally, the password for reactivating the computer system orfor switching the computer system from the locked mode into the unlockedmode is not known to any user. Such a password is only needed inexceptional situations, such as when a theft or unauthorized handling ofa computer system. While in ordinary use the period of the time intervalkeeps the computer system in the unlocked mode, i.e. no password isrequired for the usage of the computer system.

In locked mode, the boot process of the computer system is interruptedby the password dialogue prior to a booting of an operating system ofthe computer system. Consequently, the password dialogue of the lockedmode is independent of the operating system in use. Preferably, thepassword dialogue is implemented in a booting process of the computersystem's BIOS. In this way, an unauthorized person such as a thief isnot able to circumvent the password dialogue by installing a differentoperating system or other software product trying to disable the accesscontrol.

The time interval controlling the switching into the locked mode isdefined by an update process of a user application(s) or by anauthenticated user. By performing the update process of the userapplication(s), the time interval is extended to extend the time framefor which the computer system is running in the unlocked mode.Alternatively, the time interval can be manually defined by anauthenticated user.

The time interval defined by the update process of the userapplication(s) elapses after the date from where a subsequent update ofthe user application(s) becomes available. Assuming that whenever a userapplication(s) update becomes available, the update is also installed onthe computer system, the time interval is extended such that thesubsequent user application(s) update is available before the redefinedtime interval elapses. Subsequently installing all available andprovided user application(s) updates prevents the computer system fromswitching into locked mode. When in ordinary use, i.e. regularlyinstalling user application(s) updates, the user does not even realizethat there exists an access protection of the computer system. Only inthe exceptional situation, when for example the computer system issubject to theft or when an available user application(s) update is notinstalled on the computer system, the time interval elapses and thecomputer system switches into the locked mode.

The time interval is given by a specific time and date or by a maximumallowable operation time of the user application(s). Consequently, thetime interval either serves as an expiry date of the user application(s)and the entire computer system or as a time meter defining the timeinterval for which the user application(s) and/or the computer systemoperate in unlocked mode. The password of the password dialogue isgenerated on the basis of a hardware identifier of the computer system.The hardware identifier, e.g. a serial number of the computer system, isstored in a nonvolatile memory of the computer system and is displayedin the password dialogue. The hardware identifier uniquely identifieseach computer system. By storing the hardware identifier in anonvolatile memory that cannot be manipulated by an operating system ofthe computer system, it becomes almost impossible for a thief to eraseor manipulate the hardware identifier. Making use of this hardwareidentifier, it is easy to determine whether a portable computer systemhas been stolen or has been subject to unauthorized usage. Reactivatingor unlocking the computer system comprises the steps of transmitting thehardware identifier and required user information to a central databasesystem, checking an authentication of the user by the central databasesystem on the basis of the hardware identifier and the user information,receiving a correct password from the central database system when theauthentication of the user has been asserted by the central databasesystem and finally entering the received password in the passworddialogue in order to reactivate or unlock the computer system. When acomputer system is purchased by a user from a supplier, the user has toregister in the central database system by providing particular userspecific information together with the hardware identifier of thepurchased computer system. By means of this registering procedure, theuser becomes legitimated to receive updates of the user application(s)as well as to receive the correct password for his particular computersystem. The central database system will not deliver the password ortime interval setting program update to a user that is not registered.As a consequence an unauthorized person contacting the central databasesystem thereby transmitting the hardware identifier of the computersystem on the one hand would not receive the correct password and on theother hand would provide the central database system with a hardwareidentifier of a stolen computer system.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a flowchart of the computer system operating in unlocked mode.

FIG. 2 is a flowchart of the computer system operating in locked mode.

FIG. 3 is a block diagram of a computer of a distributed computersystem, according to the present invention.

FIG. 4 illustrates the distributed computer system of FIG. 3.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The present invention will now be described in detail with reference tothe figures.

FIG. 3 illustrates computer system 300 which incorporates the presentinvention. The computer system 300 has an input/output module 302, anonvolatile memory 304, an operating system 306, a time interval settingprogram 308, and one or more user applications 309. A Basis Input/OutputSystem code (“BIOS”) 310, hardware identifier 312, mode identifier 314and time meter 316 are stored in the nonvolatile memory 304. Theoperating system can be any of a wide variety of known operating systemssuch as Windows™ (of Microsoft Corporation) operating system, UNIX™(licensed by X/OPEN Company LTD), Linux™ (of Linux Torvalds), etc. Theuser applications can be any of a wide variety of known userapplications such as word processing software, web browsers, businessapplications, etc. In the illustrated embodiment, the BIOS 310 includesknown microcode that controls basic hardware operations such as ainteractions with disk drives and the keyboard. The BIOS 310 alsoincludes microcode according to the present invention to control accessto computer system 300. (The BIOS is typically preloaded into thecomputer system 300, but can also be delivered to the computer systemvia a computer readable storage medium such as a disk or tape, ordownloaded via a network.) The hardware identifier uniquely identifiesthe computer system 300. The time meter specifies a time interval orexpiration time and date for unlocked, full operational access tocomputer system 300. By way of example, the time interval is a week to amonth. The mode identifier specifies whether the system is currentlyconfigured in a locked mode, unlocked mode or a deactivated mode. In theunlocked mode, the computer system will fully perform its normaloperations, i.e. the BIOS will fully boot up, and the operating systemand application(s) 309 will execute. In the locked mode, the computersystem 300 will not perform its normal operations, the operating systemwill not run and therefore the user application(s) 309 will not run.Also, in the locked mode, the boot process will operate in a limitedmanner to display the hardware identifier and solicit a password from auser and evaluate the password, but not initiate activation of theoperating system unless a valid password is entered. In the deactivatedmode, the computer system will operate in a limited manner as in thelocked mode. In addition, in the deactivated mode, the computer systemwill delay the display of the hardware identifier and the solicitationof the password, to slow efforts of a hacker. The time interval iseither in the form of a period of time during which the computer systemis unlocked or in form of a specific expiration time and date when thecomputer system becomes locked.

Hidden from the user, the computer system 300 uses the specified timeinterval as follows. When the computer system 300 is booted, the BIOSchecks whether the time interval has elapsed. If the time interval haselapsed, the BIOS switches the computer system into the locked mode andinitiates a corresponding password dialogue to solicit a password fromthe user. If the user enters a valid password, the BIOS will unlock thecomputer. During the unlocked mode, the computer system 300 operates ina normal manner to execute is applications. Before the expiration of thetime interval, a legitimate user or administrator can advance the timeinterval, either by direct update of the time interval in time meter316, entry of a software update which advances the time interval orrequest to a central database system 406 (FIG. 4) for programming toadvance the time interval. If the computer system is stolen, when thetime interval elapses, the thief will no longer have access to thecomputer system in the operational state. The thief will not have thepassword or any software update for the time interval, and so cannotextend the time interval. Presumably, the legitimate owner will notifythe central database system that the computer system has been stolen, sothe central database system will not assist the thief in unlocking thecomputer.

The hardware identifier, the mode identifier and the time meterspecifying the time interval are needed for an initialization andexecution of the password dialogue. Consequently, they are accessibleprior to booting of the operating system 306. Furthermore, theseparameters are stored in a nonvolatile memory to ensure that theparameters are not erased when the computer system is detached from apower supply. Moreover, the parameters are generally not modified byreinstalling the time interval setting program 308 or operating system.The time interval or the time meter can only be modified by installing aan update to time interval setting program 308, or by an authenticateduser that passes a conventional authentication procedure and manuallyupdates the time interval.

When a user purchases the computer system 300 from a supplier togetherwith a service or maintenance agreement, the user will be supplied withupdates to the time interval setting program within regular timeintervals. By installing the updates appropriately, the software updateswill advance the time interval and consequently, the computer system 300will not switch to the locked mode. For practical reason, the computersystem may inform the user to install an available update before thecomputer system switches into locked mode. In another case, when a userpurchases the computer system and the time interval setting programwithout a service or maintenance agreement, the user will be suppliedwith a password allowing the user to manually modify the time interval.In either case the theft protection or access protection of the computersystem becomes active after the predefined time interval has elapsed.

FIG. 4 shows a block diagram of the environment for the accessprotection of the computer system. Basic components of the environmentare the computer system 300, an update 402 to the time interval settingprogram, a user 404, a central database system 406 and a network 408which interconnects computer system 300 to the central database system406. The user 404 making use of the computer system 400 regularlyinstalls the updates 402 on the computer system 400 to advance the timerand unlocked condition. The updates 402 are either provided by thecentral database system 406 or by a third party supplier.

When the computer system 400 has become subject to theft or when arequired update 402 has not been installed on the computer system 400,the computer system switches into the locked mode. In locked mode, thecomputer system 400 only displays its hardware identifier to the user.An authorized user will know and can enter (the hardware identifier and)required information about his or her own identity to the centraldatabase system to obtain access. Based on the provided hardwareidentifier the central database system 406 can determine if the computersystem 400 has been reported as stolen. Moreover, the central databasesystem 406 is able to authenticate the user 404 as the legitimate userof the computer system 400. Only when the legitimate user has beenidentified by the central database system, the password required tounlock or to reactivate the computer system 400 is returned to the user404. Presumably, the password is generated on the basis of the hardwareidentifier and some specific encryption algorithm being executed by thecentral database system and by the BIOS of the computer system 400.

A new update 402, when installed, may also incorporate an update of thisencryption algorithm in the BIOS of the computer system 400. Such anupdate has two advantages. First, each password is specific to only onecomputer system 400 and cannot be universally applied to differentcomputer systems. Second, a password obtained from the central databasesystem 406 unlocks or reactivates a computer system 400 only once.Consequently, it cannot be applied repeatedly when the computer systemlocks again after the predefined time interval elapses for a secondtime.

Alternatively, the interaction between the computer system 400 and thecentral database system 406 can also be realized by making use ofnetwork 408. In this case the computer system 400 automaticallyestablishes a network connection to the central database system 406 andtransmits its hardware identifier autonomously to the central databasesystem 406. The central database system 406 will solicit additionalinformation, via network 408) about the user 404 to determine whetherthe user 404 is the legitimate user of the computer system 400. Thistransmission can either be performed by the user directly transmittingthe required information to the central database system 406 or byentering the required information into an expanded password dialogue ofthe computer system 400. The computer system 400 then transmits thisadditional information via the established network connection to thecentral database system 406.

FIG. 1 is a flowchart of computer system 300 operating in the unlockedmode. After the computer 300 has been switched on, the BIOS code isbooted up and checks whether the system is operating in the locked orunlocked mode (based on the mode identifier). If the computer systemoperates in the unlocked mode, then operating system 306 starts/boots up(step 100). Next, the BIOS starts various device drivers (step 102).Next, the operating system starts time interval setting program 308 anduser application(s) 309 (step 104).

As explained above, BIOS 310 controls the time interval for access tocomputer system 300. User application(s) 309 proceed in their ordinaryoperating mode, i.e. the running mode (step 106), and the BIOS reads thetime meter 316 to determine if the time interval has lapsed (step 108).The time interval specifies either a distinct expiration time and dateat which the computer system 300 switches from the unlocked into lockedmode or a time period during which the entire computer system 300 can beused in the unlocked mode. If the time interval has lapsed (decision110, yes branch), then the BIOS 310 shuts down operating system 306 (inan orderly manner) which shuts down user application(s) 309, updates themode identifier to “locked” (step 114). Thus, BIOS 310 switches thecomputer system 300 into the locked mode. Refer again to decision 110,no branch, where the time interval has not lapsed. In such a case, theBIOS checks whether the time interval has lapsed or nearly lapsed, and aprocedure should be performed to extend the time interval. Examples forsuch time interval extension procedures are installing an update 42 toextend the time interval or manually modifying the time interval by anauthenticated user. If no such procedure is needed at this time(decision 112, no branch), then BIOS 310 returns to step 106 to continuein its ordinary operation mode. However, if a procedure needs to beperformed within the time interval to extend the time interval (decision112, yes branch), then the BIOS initiates this procedure (step 116).When for example in decision 112, the BIOS detects that an update 42needs to be installed, then the BIOS modifies the time meter in step 116such that the computer system operates in unlocked mode at least until asuccessive update becomes available. Performing a time interval relatedaction in step 116 involves either resetting of the time meter orredefining the time interval specifying the point of time after whichthe computer system switches to the locked mode. After execution of step116, the BIOS returns to the step 106 where the user application(s)continue to operate in their ordinary mode.

Steps 108 through 116 are performed while the user application(s) 309are running. Preferably, these steps are performed on a regular basis atpredefined time intervals, such as every five or ten minutes. As notedabove, in the illustrated embodiment, the BIOS performs steps 108through 116 so that access protection according to the present inventionis independent of the operating system and software configuration ofcomputer system 300.

FIG. 2 illustrates a flowchart of the BIOS and other programming withinthe computer system 300 operating in the locked mode. This would be thesituation after a thief steals the computer system (or a legitimateowner fails to advance the time interval) and the time interval lapses.After the computer system 300 is turned on, the BIOS code isautomatically booted up (step 200). Directly thereafter, i.e. prior to abooting procedure of the operating system 306, the BIOS checks the modeidentifier to determine whether the system 306 is in unlocked mode(decision 202). If the system 300 is in the unlocked mode, then the BIOSstarts the operating system (step 204). In this case, the system 300operates in the unlocked mode and the procedure illustrated in FIG. 1 isimplemented. However, if the system 300 is in locked mode (decision 202,no branch), then the BIOS checks if the system 300 is deactivated(decision 206). This check is performed by checking the mode identifier.If system 300 has been deactivated, then the BIOS waits a predeterminedtime delay that was previously configured and recorded (step 208). Thetime delay of step 208 can be constant or can increase every time it isapplied. During application of this time delay, the computer system isnot accessible, i.e. the screen does not display anything and the systemdoes not react to input made by a keyboard, mouse or other type of inputdevice. After the time period specified by the time delay in step 208has elapsed, the BIOS causes the hardware identifier of the computersystem to be displayed on the screen of the computer system (step 210).

Refer again to decision 206, no branch, where the system has not beendeactivated, the BIOS 310 proceeds to step 210 to display the hardwareidentifier without applying any kind of time delay.

In the illustrated embodiment, the functionality of the computer system300 is limited in step 210 in the locked mode to the display of thehardware identifier as part of a password dialogue. The hardwareidentifier is needed to unequivocally identify the computer system. Alegitimate user of the computer system may use the hardware identifierto receive the password for the password dialogue from a centraldatabase system 406 (shown in FIG. 4). When the legitimate user hasreceived the correct password from the central database system, thelegitimate user enters the password into the password dialogue in step212. Next, the BIOS checks whether or not the password is correct(decision 214). If the password is correct (decision 214, yes branch),then the BIOS switches the computer system from either deactivated orlocked mode into the unlocked mode (step 216). After being switched intothe unlocked mode, the BIOS starts or boots up the operating system ofthe computer system (step 204).

Refer again to decision 214, no branch where a user enters an incorrectpassword, and the BIOS detects the incorrect password. In such a case,the BIOS checks whether an incorrect password has already been entered apredefined number of times (decision 218). The number of times that anincorrect password can be entered without deactivating the system caneither be specified by an authenticated user or by the time intervalsetting program. If the incorrect password has already been entered thepredefined number of times, this may indicate an unauthorized user suchas a “hacker”, and in response, the BIOS deactivates system 300 (step220). Next, the BIOS returns to step 208 to apply the time delay, andthen to step 210 to permit reactivation of system 300, assuming the userenters the proper password. Refer again to decision 218, no branch,where an incorrect password has not yet been entered for a predefinednumber of times. In this case, it is premature to assume an unauthorizeduser, so the BIOS returns to step 212 without deactivating the system,to permit the user to re-enter the password.

The computer system does not switch into the unlocked mode by simplyrebooting. Whenever the computer system runs into the locked ordeactivated mode it remains in this particular mode unless the correctpassword is entered in the password dialogue. Being once in locked ordeactivated mode, booting of the computer system is disabled. As aconsequence an unauthorized user or thief has no possibility tomanipulate the hardware or software configuration of the computersystem. Consequently, not only the user application(s) but the entirecomputer system becomes useless for such an unauthorized user.

When in ordinary operation mode, i.e. unlocked, activated mode, thecomputer system 300 including user application(s) 309 operates as aconventional computer system (except for the BIOS performing periodicchecks to determine if the time interval has lapsed). During run time inthis ordinary operation mode, a user can interact with the userapplication(s) 309 via the input/output module 302 to attain the normalfunction of user application(s) 309. Operating system 306 controlsexecution of input/output module 302 and the user application(s) 309.

Based on the foregoing, a computer system, method and program productfor controlling access to a computer system have been disclosed.However, numerous modifications and substitutions can be made withoutdeviating from the scope of the present invention. Therefore, thepresent invention has been disclosed by way of illustration and notlimitation, and reference should be made to the following claims todetermine the scope of the present invention.

1. A method of controlling access to a computer system, said methodcomprising the steps of: said computer system operating in a fullyoperational mode in which an operating system in said computer system isoperating and said computer system executes one or more userapplications installed in said computer system; in response to apredefined time interval lapsing, automatically switching the computersystem from said fully operational mode to a limited operational mode inwhich said one or more user applications are terminated, said operatingsystem is shut down, and a BIOS within said computer system solicitsentry of a password by a user, and if said user fails to enter a validpassword, preventing operation of said operating system and execution ofsaid one or more user applications.
 2. A method as set forth in claim 1wherein if said user fails to enter a valid password, maintaining saidlimited operational mode of said computer system.
 3. A method as setforth in claim 1 wherein in response to said limited operational modeand a user entering incorrect password(s) a predefined number of times,deactivating said computer system.
 4. A method as set forth in claim 1,wherein in said limited operational mode, said operating system is shutdown by said BIOS.
 5. A method as set forth in claim 1 furthercomprising the step of a legitimate user of said computer systemextending said time interval.
 6. A method as set forth in claim 5,wherein said legitimate user or administrator extends said time intervalby (a) manually updating a file within said computer system, said filespecifying said time interval or (b) installing a software update whichupdates said file.
 7. A method as set forth in claim 1 wherein when saidcomputer system is in the limited operational state, said BIOS alsoinitiates display of an identification of said computer system.
 8. Amethod as set forth in claim 1 further comprising the subsequent stepsof: a legitimate user of said computer system transmitting an identifierof said computer system and information about said legitimate user to acentral database system, and in response, said central database systemchecking legitimacy of said user based on said hardware identifier anduser information, and if said user is legitimate, said central databasesystem sending a valid password to said user.
 9. A computer system forcontrolling operation of an operating system and one or more userapplications within said computer system, said computer systemcomprising: means for operating said computer system in a fullyoperational mode in which the operating system and the one or more userapplications are operating; and means, responsive to lapse of apredefined time interval, for automatically switching the computersystem from said fully operational mode to a limited operational mode inwhich said operating system and said one or more applications do notoperate, and a BIOS within said computer system solicits entry of apassword by a user, and if said user fails to enter a valid password,preventing operation of said operating system and said one or more userapplications.
 10. A system as set forth in claim 9 further comprisingmeans, responsive to said user failing to enter a valid password, formaintaining said limited operational mode of said computer system.
 11. Asystem as set forth in claim 9 further comprising means, responsive tosaid limited operational mode and a user entering incorrect password(s)a predefined number of times, for deactivating said computer system. 12.A system as set forth in claim 9, wherein in said limited operationalmode, said operating system is shut down by said BIOS.
 13. A system asset forth in claim 9 further comprising means for enabling a legitimateuser of said computer system to extend said time interval.
 14. A systemas set forth in claim 13, wherein said legitimate user or administratorextends said time interval by (a) manually updating a file within saidcomputer system, said file specifying said time interval or (b)installing a software update which updates said file.
 15. A system asset forth in claim 9 wherein when said computer system is in the limitedoperational state, said BIOS also initiates display of an identificationof said computer system.
 16. A system as set forth in claim 9 furthercomprising: means for a legitimate user of said computer systemtransmitting an identifier of said computer system and information aboutsaid legitimate user to a central database system, and in response, saidcentral database system checking legitimacy of said user based on saidhardware identifier and user information, and if said user islegitimate, said central database system sending a valid password tosaid user.
 17. A computer program product for controlling operation ofan operating system and one or more user applications within saidcomputer system, said computer program product comprising: a computerreadable medium; first program instructions to operate said computersystem in a fully operational mode in which said operating system isoperating and said computer system executes said one or more userapplications; and in response to a predefined time interval lapsing,second program instructions to automatically switch the computer systemfrom said fully operational mode to a limited operational mode in whichsaid operating system and said one or more user applications do notoperate, and a BIOS within said computer system solicits entry of apassword by a user, and if said user fails to enter a valid password,said second program instructions prevent operation of said operatingsystem and said one or more user applications; and wherein said firstand second program instructions are stored on said medium.
 18. A methodof controlling access to a computer system, said method comprising thesteps of: a user attempting to activate the computer system; and inresponse, a BIOS within said computer system booting up, determiningthat said computer system is currently set for a limited operationalmode, preventing boot up of an operating system of said computer system,and soliciting a password from a user; and if said user fails to enter avalid password, said BIOS continuing to prevent boot up of saidoperating system, and if said user enters a valid password, causing saidoperating system to boot up and execute one or more user applicationswithin said computer system.
 19. A method as set forth in claim 18further comprising the step of a legitimate user of said computer systemextending said time interval.
 20. A computer system for controllingoperation of an operating system and one or more user applicationswithin said computer system, said computer system comprising: a BIOSprogrammed to begin boot up in response to a user attempting to activatethe computer system, and determine that said computer system iscurrently set for a limited operational mode, and in response, preventboot up of said operating system; and said BIOS programmed to respond tosaid user failing to enter a valid password by continuing to preventboot up of said operating system, and programmed to respond to said userentering a valid password by causing said operating system to boot upand execute one or more user applications within said computer system.